Looks like the .org got listed when their crawler followed some links in a hijackthis log. The red listing for that probably put the .com site in the red since it is assciated with the .org and also links, according to siteadvisor, to other bad sites.

I'm a member there and have already posted to correct this. Anyone else who hasn't should post as well.

For me this shows one of the deficiencies of an "automated" approach to site listings.

You've got to wonder how many other sites have been false flagged, for a link that they have not posted themselves.

Seems to me that for a Malware removal forum, the likelihood of aquiring such links is unavoidable, and that therefore McAfee should be categorising such sites seperately._________________Gary RAdministrator atMalware Removal University

Howdy folks. Nick and Gary, thanks for your messages. You're right report these errors -- and it's troubling that SiteAdvisor didn't find these sooner, either from submissions from others, or from our own review of the data. Gary, you're right that it's hard to distinguish good from bad under some circumstances, but I think SiteAdvisor can (and generally does) do better than what you've reported.

Frankly I think you and others are also right to think that SiteAdvisor ought to fix these quickly. You might be surprised how hard it is to fix these -- updating all the servers hosted in multiple locations, updating the data that's shown to users who have the SiteAdvisor plug-in, etc.

I've been in the unfortunate position of being falsely accused by spam filters, and it's not a problem I want to see SiteAdvisor cause for others. I think you'll find SiteAdvisor is remarkably responsive to error reports -- but if anyone ever has a report they think is not getting the attention it deserves, send the problem to me. http://www.benedelman.org/mail

I have a thread at my place too, and here is some info about how reviewers impact a sites ratings:

From the reviewer page at SA:

Quote:

Bad shopping experience? Let us know. Did a site endlessly spam you? Gripe about it here. Have a particular expertise about adware? We need you.

By volunteering to become a SiteAdvisor reviewer, you can make your voice heard and help make the Web safer for everyone. Any comments left by a registered reviewer will appear on our site report pages.

Reviewer feedback can also directly affect a site's overall safety rating, but only after the site has been inspected by a McAfee SiteAdvisor employee. Most users start as basic reviewers. As you leave an increasing number of insightful comments (as voted on by other reviewers), your reviewer status increases, and your future comments will carry an increasing amount of weight in affecting a site's overall score.

Reviewer level and influence.

Reviewer

Ability to post site comments. Some influence on a site's overall rating and other reviewer reputations.

Experienced Reviewer

Stronger influence on a site's overall rating and other reviewer reputations.

Expert Reviewer

Significant influence on a site's overall rating and other reviewer reputations.

Experienced and expert reviewers who specialize in a particular area of Web safety (adware, spam, viruses or phishing) will have a special designation.

Nice to see you here and thanks for replying back. I would like to point out something a bit different, not necessarily being legit sites being tagged red but porn sites being tagged green? , I admit there can be false positives , hard to distinguish good from bad , but have a look here -- http://www.siteadvisor.com/sites/sriaus.com or - http://www.siteadvisor.com/sites/grandmasvideo.com/summary/ , the first one linking to most porn websites , and verdict being its green . If we go to the next link , we see even though its "linked with two red tagged websites" Online affiliation says "Links to green sites

Most of this site's links are to sites which are safe or which have only minor safety/annoyance issues." ... Umm I think something is definitely wrong here, specially now SA being a commercialised product and Mcafee being a market leader, these stuffs are not expected.

It would be nice if you look into these stuffs when you can , because millions use SA now , but green porn links or dubious tags will do more misleadings and cause "normal user" harm and that is as much important as good sites being tagged red_________________Spyware Analyst | Microsoft Corporation

These postings are provided "AS IS" without warranty, and confer no rights.

Sites do not become red (or yellow), in SiteAdvisor's rankings, based on presence of sexually-explicit material. See SiteAdvisor's Explanation

"Why don't you rate Adult content?

"Our goal is to help you stay safe online by testing everything on the web and reporting our test results on our Web site and through our software. We are testing primarily for safety, security, and online nuisances, not for potentially offensive content. So please don't misconstrue our 'green' safety ratings as an endorsement of a Web site's specific content or general subject matter, or as a general quality rating of the Web site. In particular, this means that many adult sites, which some people may find to have objectionable content, will receive green ratings if they pass our safety tests."

Turning to your third paragraph --

I just looked at the Subratam.org dossier, and I do show that site as green. I believe that rating is correct. Secunia.com is also green, as you say. It seems the one glitch is that the link chart in the subratam.org analysis mistakenly labels secunia.com as red -- even as the link section of the subratam.org analysis still says subratam.org is fine. I'm not sure why this link is miscolored, but we'll get this fixed.

All in all, though, I don't think your message reflects any cases of SiteAdvisor reaching any erroneous conclusion about the overall safety of any site, relative to SiteAdvisor's stated policies (e.g. as to adult sites). Some folks wish SiteAdvisor rated adult sites as such, but at least for now, that's not a project SiteAdvisor has taken on.

Sites do not become red (or yellow), in SiteAdvisor's rankings, based on presence of sexually-explicit material. See SiteAdvisor's Explanation

"Why don't you rate Adult content?

"Our goal is to help you stay safe online by testing everything on the web and reporting our test results on our Web site and through our software. We are testing primarily for safety, security, and online nuisances, not for potentially offensive content. So please don't misconstrue our 'green' safety ratings as an endorsement of a Web site's specific content or general subject matter, or as a general quality rating of the Web site. In particular, this means that many adult sites, which some people may find to have objectionable content, will receive green ratings if they pass our safety tests."

I just looked at the Subratam.org dossier, and I do show that site as green. I believe that rating is correct. Secunia.com is also green, as you say. It seems the one glitch is that the link chart in the subratam.org analysis mistakenly labels secunia.com as red -- even as the link section of the subratam.org analysis still says subratam.org is fine. I'm not sure why this link is miscolored, but we'll get this fixed.

Ya Subratam.org is shown green and been like that since start. I just wanted to point that red tag on Secunia , thanks for clarifying that.

Quote:

All in all, though, I don't think your message reflects any cases of SiteAdvisor reaching any erroneous conclusion about the overall safety of any site, relative to SiteAdvisor's stated policies (e.g. as to adult sites). Some folks wish SiteAdvisor rated adult sites as such, but at least for now, that's not a project SiteAdvisor has taken on.

Ben

I do understand "green porn" but i also wanted to point out that in between some green porn websites , some do have red tagged online affiliations and that do put some question about the overall safety of the "green tagged" website.

If you look in the comments, a Shane Keats posted explaining the reasons why porn isn't enough to flag a site. I pretty much agree that porn isn't a reason to give a site a red rating by itself. Sitehound , a toolbar by Firetrust, does use adult subject as a criteria in blocking sites. That does cause problems. For example, Fark.com gets a warning page. There are a few topics at Fark that contain some naked women, but nothing too involved. Sitehound has a free version, and it doesn't allow any details as to why a site is blocked. So the free users are left wondering why Fark is blocked and have no way to white list it. Siteadvisor lists it as green and explains why it is. Good.

However, one of it's links, easypic.com is green (link goes to SA page). That site contains little in itself, but links to hundreds of other sites. Some of the links are nasty stuff or pages that will install malware. I don't know how the SiteAdvisor bot works, but many of the sites easypic links to will use scripts and other methods to redirect you, open pages that you never clicked on, and all of the tricks to bomb you with crap. In short, on Easypic, you are one click away from getting malware. The bot might not be seeing all of this or is ignoring it. In any event, some sort of warning should be provided.

In this case, easypic is still OK, even though there are links from easypic to sexocean. SiteAdvisor may not have seen them, but they are there. Meanwhile, Spamhuntress gets flagged as a red site because it links to puremango.co.uk because the AV flagged one of the downloads on the site as Adware-2.5b56,Generic PUP.c. I'm not as familiar with php and programs uses to work with it, but this seems like a false positive in the AV detection. There's a warning on the page where you download it warning about AV's may detect it as a virus. I know the bot probably won't understand that, but only one download out of many gets it flagged as bad. The detection is also a borderline one. This is the same kind of thing why SmitRem gets flagged as a trojan. The tool can be good or bad, but the antivirus can't tell. So it lists it as bad.

So we have one download on a site that is otherwise good, causing spamhuntress to get a red listing. Meanwhile, we have one website, sexocean, being listed as bad, but it doesn't affect another, easypic, even though that site links to thousands of other sites. Of those thousands of other sites, many contain questionable and shady uses of scripts, Active X, and other techniques to redirect people. Some of the redirects will get malware on people's computers.

Hi everyone, this is Tom from SiteAdvisor engineering. We just released a big new set of data with much better detection of adware/virus downloads. However, we also marked a lot of great security sites red accidentally. What happened is that as we expanded our crawling capacity to check more and more pages on sites, we ended up crawling forums. Naturally, a lot of forums have links to bad sites or bad downloads.

Unfortunately, we didn’t catch this before the data went live…the good news is that these results were only public for about 24 hours before we fixed them. Thanks to everyone who logged on to siteadvisor.com and left reviewer feedback—this was an important way for us to realize that something was wrong.

We’ve done a couple of things to make sure this doesn’t happen again:

1) we’ve taught our crawlers what forums look like and we ignore anything we find in them

2) we’ve added all of the security sites that we had these false-positives on to our QA regression tests to make sure they don’t accidentally go red again

3) we’re teaching our scoring systems that security sites are allowed to link to bad sites or to bad downloads without making the security site itself a bad site

Subratam, thanks for the clarification post. I took another look at those sites, and now I understand why you were concerned. I think your concern perhaps isn't so much about the fact that these sites show sexually-explicit content (though they do), but that they immediately redirect to sites marked red. As such, if a user visits the sites you list, the user is likely to end up at a site that SiteAdvisor marks as red (for good reason).

This is the kind of practice that SiteAdvisor's link analysis section ought to catch, in general. I think I know why it didn't, in this specific instance, but that's irrelevant. What's most important, of course, is getting these sites classified correctly. I've submitted SiteAdvisor reviews giving my sense of how these sites ought to be classified. I expect that their rating will be updated appropriately.

Nick, the comments in your "however..." paragraph are great stuff. I will investigate this. But if you have specific reports like this, about specific sites you think are misclassified for reasons that are subtle or notable, you might consider posting these as reviews within the SiteAdvisor site. That will help spread your findings to more people, so they can avoid the bad links you identify. If SiteAdvisor staff can replicate what you report, this may lead to sites being reclassified accordingly. Finally, if you find site behaviors the SiteAdvisor bots don't understand, that's a great way to get the bots updated to be that much better. Meanwhile, I took a look at easypic.com, but I didn't know which links were the ones you were concerned about, so I couldn't readily investigate much further.

siteadvisor gives [url]//secunia.com [/url]a green approval - dedspite that it acknowledges the existence of a TROJAN on secunia's site.

i will assume that this is a bug.

but then, of what use is siteadvisor? are there alternative services that warn against sites?

would SWW members have given secunia a green approval, in view of an acknowledged trojan?

essentially all of the comments left by siteadvisor.com visitors were in agreement with mcafee. what am i missing here - i, a newbie, would not have given approval to a company that has its hands dirty with trojans? is there such a thing as a benign trojan?

Did you read the comments? I believe that report of a trojan is a false positive. This is probably correct:

Quote:

This is a good and safe web site. What the Siteadvisor bot can't see is that you can sign up to receive every security alert offered by Secunia. With all of the security alerts on the Internet today, it should come as no surprise that a large number of emails will end up in your inbox. While I have not signed up for email alerts here, I am sure that unsubscribing will quickly end the emails that a human would sign up for.

Also, a download listed, secunia.mov.zip is listed as a bad download. I can't find the file on the site to download to test, but it most likely is a zipped Quicktime movie file. Siteadvisor lists it as OSX/Exploit-ZipShell trojan, however a search on McAfee's database yields no results for any malware by that name.

In short, the site is safe.The large number of emails is to be expected if you sign up for every email alert and can be easily unsubscribed. If any malware files are on the site, they are for security people to analyze and test, not to infect people.

Siteadvisor needs to correct this yellow warning.

emphasis mine._________________Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.

We do list sites on the Rogue/Suspect Anti-Spyware and Sites page but that's only related to rogue applications.

One more thing --SiteAdvisor uses robots to test sites and there is always a possibilty of false postivies or false negatives. But that doesn't mean SiteAdvisor isn't useful. It is correct most of the time. Just like with anything, the user needs to interpret what they say and make their own opinion and judgement. That's where the comments are useful on SiteAdvisor, also._________________Former Microsoft MVP 2005-2009, Consumer Security
Please do not PM or Email me for personal support. Post in the Forums instead and we will all learn.

Joined: 12 Apr 2007Last Visit: 03 May 2009Posts: 9Location: Brooklyn, New York City

Posted: Tue May 01, 2007 7:14 pm Post subject:

suzi wrote:

Did you read the comments?

i apologize. you are correct, Suzi - i misinterpreted what i read on mcafee's siteadvisor, and i want to retract whatever negative connotation was implied by my previous statements. siteadvisor is a valuable tool, as is the entire website.